Viktor Dukhovni:
> On Wed, May 08, 2013 at 07:24:03PM +0200, Jukka Salmi wrote:
>
> > Funny, I was just going to report the probably same issue...
> >
> > I can reproduce the problem on up-to-date Linux and FreeBSD systems, but
> > not on a older NetBSD system:
> >
> > Linux/x86_64 Postfix 2.10.0 OpenSSL 1.0.1e
> > FreeBSD/amd64 Postfix 2.10.0 OpenSSL 1.0.1e
> > NetBSD/i386 Postfix 2.7.3 OpenSSL 0.9.9-dev
> >
> > When sending several mails in succession, failure and success seem to
> > alternate (i.e. exactly one failed handshake, then a successful one,
> > then a failed one again, etc.). And not using a TLS session cache for
> > smtp(8) (smtp_tls_session_cache_database) seems to work around the
> > problem.
>
> Thanks, I can reproduce this also with cached sessions and OpenSSL 1.0.1e.
Reproduced with:
OpenSSL 1.0.1a 19 Apr 2012
posttls-finger: Reconnecting after 1 seconds
posttls-finger: < 220 rho.salmi.ch ESMTP
posttls-finger: looking for session
posttls-finger:[178.63.9.175]:587:E951A75BC386AACDCB554CB1A6D7AC48593EBF81C45803F84CCB8509633D254A
in memory cache
posttls-finger: reloaded session
posttls-finger:[178.63.9.175]:587:E951A75BC386AACDCB554CB1A6D7AC48593EBF81C45803F84CCB8509633D254A
from memory cache
posttls-finger: SSL_connect error to rho.salmi.ch[178.63.9.175]:587: 0
posttls-finger: warning: TLS library problem: 12523:error:1408C06F:SSL
routines:SSL3_GET_FINISHED:bad digest length:s3_both.c:262:
posttls-finger: remove session
posttls-finger:[178.63.9.175]:587:E951A75BC386AACDCB554CB1A6D7AC48593EBF81C45803F84CCB8509633D254A
from client cache
Wietse
